Stacks on Stacks

Secure Cloud Storage Backups

Mar 10, 2018

Cloud storage is great option for backing up documents, photos, etc. Let’s look
at some of the issues surrounding cloud storage for backups.

Cost Effective

With prices as low as $1.99/month for 100 GB on Google Drive, you are
effectively paying $0.02/GB/month for storage. If you don’t mind dealing with
compressed archives (.tar.gz), you can save even more on your storage cost.

Redundancy

You can of course buy local storage for cheaper than is offered by cloud
providers if you buy a high capacity drive. In fact, this 5TB Portable Hard
Drive has a one time cost of about $0.028/GB ($130.00/4656 GB estimated usable
storage = $0.02792). However, the thing you gain with cloud storage is
redundancy. What happens if you lose that drive? Mechanical failure is
inevitable.

Accessibility

Compared to the drive in the previous example which can only be in one place
at a time, cloud storage allows you to access your files anywhere at any time.
This accessibility is a huge win.

Security

Many of the previous points highlight the benefits of cloud storage. Let’s
consider the point of security though. Now, I’m not saying that these larger
companies are using your uploaded file contents and metadata to train their
AIs for things like photo recognition, document indexing, etc., but its not out
of the question. For those that take security very seriously, you might not
want scans of your medical documents to live in cloud storage, easily readable.
It is this last part that spurs the rest of this post.

Encrypting & Decrypting your files.

In order to encrypt our files, we’ll need to install GPG. We are only going to
focus on symmetric encryption for this example. That means that we will use a
passphrase to encrypt our file and the same passphrase will be used to decrypt
our file as well. The benefits of this are its ease of use. Especially for
beginners who might not be familiar with key management, remembering a “password”
so to speak can be much easier.

Install GPG

Encrypt your file

I usually use a .tar.gz compressed archive format. You can find more info on
it in this Wikipedia page. The major benefit of this is that I only have 1
file to encrypt and upload.

Anyways, to encrypt your file simply do:

gpg -c myfile.tar.gz

This will prompt you for a passphrase twice to confirm it is correct. Then it
will spit out a file myfile.tar.gz.gpg. This file can now be uploaded as
normal and you can be fairly reassured that no one is looking through your
collection of cat gifs.

Decrypt your file

Decryption is just as simple. Simply download your gpg file that you uploaded
earlier and run:

gpg myfile.tar.gz.gpg

You will be prompted for your passphrase again and after successfully entering
it, you will have your original file: myfile.tar.gz.